Cybersecurity Forum


ylemage_FTNT
Staff

After install via SCCM we get an error: untrusted publisher for running FCWsc.exe

Hi

Does anyone have an idea how to solve the untrusted publisher error message that appears after installation, during the first start of FCWsc.exe?
See screenshot. 

Thx

Yves

3 REPLIES
ylemage_FTNT
Staff

To get rid of this error, import a code signing certificate in the FortiClient package generated using the FortiClient Configurator Tool.

When using this tool, in the last step before generating the packages you have the option to import a code signing certificate. If this code signing certificate is generated by your locally trusted CA then you won't have these warning messages. 

Please see attachment for a screenshot about where to select this certificate in the configurator tool.

Please check this link to see how to generate a code signing certificate using the Microsoft CA:

https://blogs.msdn.microsoft.com/sqlforum/2011/01/02/walkthrough-request-a-digital-certificate-from-certificate-server-or-create-a-testing-digital-certificate-to-sign-a-package/




jonks_FTNT

This warning is a feature of Windows Security Center (WSC) starting in Windows 7.
It is not exclusive to deployment via SCCM.

If WSC detects that FortiClient's RTP is disabled, it will display a warning to the user telling them that it is disabled.
When you use WSC's interface to re-enable FortiClient's RTP, WSC runs FCWsc.exe to re-enable FortiClient's RTP. If it is the first time you have done this, WSC will display this dialog to confirm your intent.

Note: The FCWsc.exe file is digitally signed by Fortinet.

You can verify the file is signed and untampered by viewing the file properties -> digital certificate tab -> select the certificate, and click Details. The dialog that pops up will display the validity of the file's signature and the signing certificate information. The thumbprint of the signing certificate is 'b2 7f 93 8a 1e 7f 31 4a 7b 60 c4 8e a1 96 96 1c da a0 9f 7a'.

Yves - regarding the code signing certificate that you mentioned that can be supplied to the FortiClient Configurator tool. The configurator only uses that certificate to sign the executable file installer that the configurator tool creates.
It does not use it to sign the installer 'payload' (the files that are installed onto the computer).
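
Added example (not part of the thread and not Fortinet's code): the file-properties check described in the reply above, done from PowerShell so it can be run across machines or against both the generated installer and the installed payload files. The function name `Test-PinnedSignature` and the sample path are hypothetical; the thumbprint is the one quoted in the reply.

```powershell
# Added example: check a file's Authenticode signature and compare the signer
# certificate against a pinned thumbprint. Function name is hypothetical.
function Test-PinnedSignature {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline, ValueFromPipelineByPropertyName)]
        [Alias('FullName')]
        [string]$Path,

        # Thumbprint as quoted in the reply above; spaces and case are ignored.
        [string]$ExpectedThumbprint = 'b2 7f 93 8a 1e 7f 31 4a 7b 60 c4 8e a1 96 96 1c da a0 9f 7a'
    )
    begin {
        # Normalise "b2 7f ..." to the 40-digit upper-case form PowerShell reports.
        $expected = ($ExpectedThumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
        if ($expected.Length -ne 40) {
            throw 'ExpectedThumbprint must contain 40 hex digits (SHA-1 thumbprint).'
        }
    }
    process {
        $sig     = Get-AuthenticodeSignature -LiteralPath $Path
        $signer  = $sig.SignerCertificate
        $subject = $null
        $actual  = $null
        if ($signer) {
            $subject = $signer.Subject
            $actual  = $signer.Thumbprint.ToUpperInvariant()
        }
        # Status 'Valid' means the hash matches and the chain is trusted;
        # 'HashMismatch' means the file changed after signing;
        # 'NotSigned' means there is no embedded signature at all.
        [pscustomobject]@{
            Path       = $Path
            Status     = $sig.Status
            Signer     = $subject
            Thumbprint = $actual
            PinMatch   = ($sig.Status -eq 'Valid') -and ($actual -eq $expected)
        }
    }
}

# Usage (placeholder path; substitute the real location of the file):
# Test-PinnedSignature -Path 'C:\Path\To\FCWsc.exe'
# Get-ChildItem 'C:\Path\To\InstallDir' -Filter *.exe | Test-PinnedSignature
```

A `Valid` status with `PinMatch` false means the file is signed by a different certificate than the one quoted in the reply, which is the expected result for an installer wrapper signed with your own code signing certificate.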

Chris_Lin_FTNT

The advice posted on July 3, 2017 06:14 AM is totally invalid.

And please beware of that scam URL.